|
Home > Archive > IIS Server Security > September 2005 > 500: Server Error [Access Denied]
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
500: Server Error [Access Denied]
|
|
| Shane Roberts 2005-09-03, 2:49 am |
| Details:
I am the Sysadmin and IIS Support
The error above is with “Show friendly http messages” unchecked in the
browser settings. Otherwise it just gives an Internal Server 500 error.
Two servers contain exact copies of the website and are load balanced by BigIP
Servers are not members of any domain, all local permissions, they are DMZ
web servers only, Internet facing.
Windows 2000 Server, SP4
IIS 5.1
No DNS, everything is in local Host file and routing tables
Website uses .NET, ASP.NET (I’m not the developer and don’t know much about
the code)
Website uses Siteminder for client authentication and talks to a back-end
Sybase database
Internet customers browse to a login page, login and click hyperlinks to
access data (read-only), there is no data input. As users click these
hyperlinks they receive the error above. Not all the time, sometimes all the
time, sometimes hardly at all.
There are no errors reported in the Siteminder agent log on either web server
There are no 500 errors reported in the IIS logs for the website on either
server
There are no events in the event viewer on either server
If it were NTFS permissions I think it wouldn’t work all the time
At my work I can duplicate very fast the same error the external customers
get.
At home it takes me many, many tries to get the error
I can’t seem to get the error local on the web server, at least not yet
(maybe just luck?)
I can’t seem to locate where this error is coming from so it can be fixed.
Any thoughts, suggestions, ideas are VERY much appreciated.
Thanks,
Shane
| |
| Jeff Cochran 2005-09-04, 5:51 pm |
| On Fri, 2 Sep 2005 20:38:12 -0700, "Shane Roberts" <Shane
Roberts@discussions.microsoft.com> wrote:
>I am the Sysadmin and IIS Support
>
>The error above is with “Show friendly http messages” unchecked in the
>browser settings. Otherwise it just gives an Internal Server 500 error.
>
>Two servers contain exact copies of the website and are load balanced by BigIP
>
>Servers are not members of any domain, all local permissions, they are DMZ
>web servers only, Internet facing.
>
>Windows 2000 Server, SP4
>
>IIS 5.1
>
>No DNS, everything is in local Host file and routing tables
>
>Website uses .NET, ASP.NET (I’m not the developer and don’t know much about
>the code)
>
>Website uses Siteminder for client authentication and talks to a back-end
>Sybase database
>
>Internet customers browse to a login page, login and click hyperlinks to
>access data (read-only), there is no data input. As users click these
>hyperlinks they receive the error above. Not all the time, sometimes all the
>time, sometimes hardly at all.
>
>There are no errors reported in the Siteminder agent log on either web server
>There are no 500 errors reported in the IIS logs for the website on either
>server
>There are no events in the event viewer on either server
>
>If it were NTFS permissions I think it wouldn’t work all the time
>
>At my work I can duplicate very fast the same error the external customers
>get.
>At home it takes me many, many tries to get the error
>I can’t seem to get the error local on the web server, at least not yet
>(maybe just luck?)
>
>I can’t seem to locate where this error is coming from so it can be fixed.
>
>Any thoughts, suggestions, ideas are VERY much appreciated.
Does BigIP share sessions across the cluster? Best guess is it
doesn't, at least isn't in your case.
Jeff
| |
| Shane Roberts 2005-09-06, 8:49 pm |
| BigIP for the web server team is setup for Round Robin.
Over the weekend many hours of testing were done and it appears this error
only happens when accessed through a proxy, whether internal to my company or
at the external customers location through their proxy. However the exact
cause is still unkown. The website is https so there wouldnt be any proxy
caching of secured data, but I discovered today the webservers Siteminder
agent is setup to use cookies not but secure cookies. This leads me to think
the proxy could be caching the cookie information. There is no doubt a
caching problem causing this, just not sure yet if Siteminder or proxy cache,
an what is being cached.
"Jeff Cochran" wrote:
> On Fri, 2 Sep 2005 20:38:12 -0700, "Shane Roberts" <Shane
> Roberts@discussions.microsoft.com> wrote:
>
>
> Does BigIP share sessions across the cluster? Best guess is it
> doesn't, at least isn't in your case.
>
> Jeff
>
|
|
|
|
|